Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Microsoft (R) Windows Debugger Version 10.0.10586.567 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- Loading Dump File [C:\Windows\MEMORY.DMP]
- Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
- ************* Symbol Path validation summary **************
- Response Time (ms) Location
- Deferred SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
- Symbol search path is: SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
- Executable search path is:
- Windows 10 Kernel Version 10586 MP (8 procs) Free x64
- Product: WinNt, suite: TerminalServer SingleUserTS Personal
- Built by: 10586.17.amd64fre.th2_release.151121-2308
- Machine Name:
- Kernel base = 0xfffff801`0cc15000 PsLoadedModuleList = 0xfffff801`0cef3c70
- Debug session time: Mon Jan 11 19:34:05.854 2016 (UTC - 5:00)
- System Uptime: 3 days 0:21:38.723
- Loading Kernel Symbols
- ...............................................................
- ................................................................
- .......................................................
- Loading User Symbols
- PEB is paged out (Peb.Ldr = 000000e2`80068018). Type ".hh dbgerr001" for details
- Loading unloaded module list
- .................................
- *******************************************************************************
- * *
- * Bugcheck Analysis *
- * *
- *******************************************************************************
- Use !analyze -v to get detailed debugging information.
- BugCheck 139, {3, ffffd00021787390, ffffd000217872e8, 0}
- Page 1100 not present in the dump file. Type ".hh dbgerr004" for details
- Page 1100 not present in the dump file. Type ".hh dbgerr004" for details
- Page 1100 not present in the dump file. Type ".hh dbgerr004" for details
- Probably caused by : dxgkrnl.sys ( dxgkrnl!DXGDEVICE::DestroyAllDeviceState+1cb )
- Followup: MachineOwner
- ---------
- 7: kd> !analyze -v
- *******************************************************************************
- * *
- * Bugcheck Analysis *
- * *
- *******************************************************************************
- KERNEL_SECURITY_CHECK_FAILURE (139)
- A kernel component has corrupted a critical data structure. The corruption
- could potentially allow a malicious user to gain control of this machine.
- Arguments:
- Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
- Arg2: ffffd00021787390, Address of the trap frame for the exception that caused the bugcheck
- Arg3: ffffd000217872e8, Address of the exception record for the exception that caused the bugcheck
- Arg4: 0000000000000000, Reserved
- Debugging Details:
- ------------------
- Page 1100 not present in the dump file. Type ".hh dbgerr004" for details
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 401
- BUILD_VERSION_STRING: 10586.17.amd64fre.th2_release.151121-2308
- SYSTEM_MANUFACTURER: Dell Inc.
- SYSTEM_PRODUCT_NAME: Inspiron 7559
- SYSTEM_SKU: 0706
- SYSTEM_VERSION: 1.1.3
- BIOS_VENDOR: Dell Inc.
- BIOS_VERSION: 1.1.3
- BIOS_DATE: 11/05/2015
- BASEBOARD_MANUFACTURER: Dell Inc.
- BASEBOARD_PRODUCT: 0H0CC0
- BASEBOARD_VERSION: A00
- DUMP_TYPE: 1
- BUGCHECK_P1: 3
- BUGCHECK_P2: ffffd00021787390
- BUGCHECK_P3: ffffd000217872e8
- BUGCHECK_P4: 0
- TRAP_FRAME: ffffd00021787390 -- (.trap 0xffffd00021787390)
- NOTE: The trap frame does not contain all registers.
- Some register values may be zeroed or incorrect.
- rax=ffffe000390b5260 rbx=0000000000000000 rcx=0000000000000003
- rdx=ffffe000390b53c0 rsi=0000000000000000 rdi=0000000000000000
- rip=fffff8010cd6ed82 rsp=ffffd00021787520 rbp=ffffd00021787629
- r8=ffffc0019d22a170 r9=0000000000000003 r10=7fffc0019d22a170
- r11=7ffffffffffffffc r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up ei ng nz na pe cy
- nt! ?? ::FNODOBFM::`string'+0x8c82:
- fffff801`0cd6ed82 cd29 int 29h
- Resetting default scope
- EXCEPTION_RECORD: ffffd000217872e8 -- (.exr 0xffffd000217872e8)
- ExceptionAddress: fffff8010cd6ed82 (nt! ?? ::FNODOBFM::`string'+0x0000000000008c82)
- ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
- ExceptionFlags: 00000001
- NumberParameters: 1
- Parameter[0]: 0000000000000003
- Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
- CPU_COUNT: 8
- CPU_MHZ: a20
- CPU_VENDOR: GenuineIntel
- CPU_FAMILY: 6
- CPU_MODEL: 5e
- CPU_STEPPING: 3
- CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 49'00000000 (cache) 49'00000000 (init)
- DEFAULT_BUCKET_ID: LIST_ENTRY_CORRUPT
- BUGCHECK_STR: 0x139
- PROCESS_NAME: Gfxv4_0.exe
- CURRENT_IRQL: 2
- ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
- EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
- EXCEPTION_CODE_STR: c0000409
- EXCEPTION_PARAMETER1: 0000000000000003
- ANALYSIS_SESSION_HOST: SKYFORGE
- ANALYSIS_SESSION_TIME: 01-12-2016 11:04:33.0238
- ANALYSIS_VERSION: 10.0.10586.567 amd64fre
- LAST_CONTROL_TRANSFER: from fffff8010cd622e9 to fffff8010cd57760
- STACK_TEXT:
- ffffd000`21787068 fffff801`0cd622e9 : 00000000`00000139 00000000`00000003 ffffd000`21787390 ffffd000`217872e8 : nt!KeBugCheckEx
- ffffd000`21787070 fffff801`0cd62610 : 00000000`00000048 00000000`00000000 ffffe000`2b753a50 fffff801`0ce452a1 : nt!KiBugCheckDispatch+0x69
- ffffd000`217871b0 fffff801`0cd617f3 : ffffe000`3408a010 ffffe000`3408a010 00000000`00000000 ffffe000`37c92e10 : nt!KiFastFailDispatch+0xd0
- ffffd000`21787390 fffff801`0cd6ed82 : ffffc001`9d22a0b0 ffffc001`9d22a170 00000000`00000000 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0xf3
- ffffd000`21787520 fffff800`4f67147b : ffffc001`00000000 ffffc001`818bf4c0 ffffc001`818bf500 ffffc001`818bf500 : nt! ?? ::FNODOBFM::`string'+0x8c82
- ffffd000`21787550 fffff800`4f670653 : ffffc001`818bf4c0 00000000`00000000 00000000`0000000b 00000000`00000000 : dxgkrnl!DXGDEVICE::DestroyAllDeviceState+0x1cb
- ffffd000`21787590 fffff800`4f653717 : ffffc001`818bf4c0 ffffc001`9d22a0b0 ffffc001`9d22a0b0 ffffe000`38e91480 : dxgkrnl!ADAPTER_RENDER::DestroyDevice+0xa7
- ffffd000`217875c0 fffff800`4f6500b4 : 00000000`00000100 ffffc001`9d22a0b0 ffffc001`9d22a0b0 fffff960`35892d90 : dxgkrnl!DXGPROCESS::Destroy+0x2bf
- ffffd000`21787690 fffff960`357b6c9c : 00000000`0000020c fffff901`44892010 00000000`00000000 00000000`00000000 : dxgkrnl!DxgkProcessCallout+0x64
- ffffd000`217876f0 fffff960`35435cb9 : fffff901`44892010 fffff901`44892010 ffffe000`35f2c3c0 00000000`00000001 : win32kbase!GdiProcessCallout+0x8c
- ffffd000`21787770 fffff960`357d08cb : ffffd000`21787948 ffffd000`217878c0 00000000`00000000 00000000`00000000 : win32kfull!W32pProcessCallout+0xd9
- ffffd000`217877a0 fffff801`0d011262 : ffffd000`217878c0 ffffe000`362a48a0 00000000`00000000 00000000`00000000 : win32kbase!W32CalloutDispatch+0x6b
- ffffd000`21787810 fffff801`0d01bddf : ffffe000`362a48a0 00000000`00000000 00000000`00000000 ffffe000`35f2c3c0 : nt!PsInvokeWin32Callout+0x42
- ffffd000`21787850 fffff801`0d0962f2 : ffffe000`00000000 ffffe000`38e91480 ffffe000`38e91480 ffffe000`35f2c3c0 : nt!PspExitThread+0x49b
- ffffd000`21787990 fffff801`0cd61fa3 : ffffe000`38e91480 ffffe000`35f2c3c0 ffffd000`21787a80 ffffd000`21787a80 : nt!NtTerminateProcess+0xde
- ffffd000`21787a00 00007fff`dd955364 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
- 000000e2`805ff048 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`dd955364
- STACK_COMMAND: kb
- THREAD_SHA1_HASH_MOD_FUNC: a0a5514a4d87706527c6f92c37842ea8c43b81ac
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 11718e5c925d2d833f63315284a04f89616e7880
- THREAD_SHA1_HASH_MOD: c9f3f8c71ac99eb021b386cc891dde1c61018273
- FOLLOWUP_IP:
- dxgkrnl!DXGDEVICE::DestroyAllDeviceState+1cb
- fffff800`4f67147b 488b4b50 mov rcx,qword ptr [rbx+50h]
- FAULT_INSTR_CODE: 504b8b48
- SYMBOL_STACK_INDEX: 5
- SYMBOL_NAME: dxgkrnl!DXGDEVICE::DestroyAllDeviceState+1cb
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: dxgkrnl
- IMAGE_NAME: dxgkrnl.sys
- DEBUG_FLR_IMAGE_TIMESTAMP: 5632d261
- BUCKET_ID_FUNC_OFFSET: 1cb
- FAILURE_BUCKET_ID: 0x139_3_dxgkrnl!DXGDEVICE::DestroyAllDeviceState
- BUCKET_ID: 0x139_3_dxgkrnl!DXGDEVICE::DestroyAllDeviceState
- PRIMARY_PROBLEM_CLASS: 0x139_3_dxgkrnl!DXGDEVICE::DestroyAllDeviceState
- TARGET_TIME: 2016-01-12T00:34:05.000Z
- OSBUILD: 10586
- OSSERVICEPACK: 0
- SERVICEPACK_NUMBER: 0
- OS_REVISION: 0
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- OSPLATFORM_TYPE: x64
- OSNAME: Windows 10
- OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
- OS_LOCALE:
- USER_LCID: 0
- OSBUILD_TIMESTAMP: 2015-11-22 04:24:24
- BUILDDATESTAMP_STR: 151121-2308
- BUILDLAB_STR: th2_release
- BUILDOSVER_STR: 10.0.10586.17.amd64fre.th2_release.151121-2308
- ANALYSIS_SESSION_ELAPSED_TIME: 92e
- ANALYSIS_SOURCE: KM
- FAILURE_ID_HASH_STRING: km:0x139_3_dxgkrnl!dxgdevice::destroyalldevicestate
- FAILURE_ID_HASH: {070f1ec5-2412-7644-8cb9-60ac33a7233f}
- Followup: MachineOwner
- ---------
Add Comment
Please, Sign In to add comment